Senior Endpoint Engineer; Jamf Europe
Listed on 2026-06-27
-
IT/Tech
Cybersecurity
Location: Central
Together with the Zoolatech team, our partner, a leading construction management company, is at the forefront of developing a cloud‑based software solution. This innovative platform is instrumental in the successful completion of major projects including skyscrapers, hospitals, data centers, stadiums, and schools. It streamlines the management of finances, quality, teams, and risks, making these processes transparent, convenient, and regulation‑compliant. Our partner is not only an expert in construction management but also a significant technology innovator, actively developing web and mobile solutions.
You’ll be joining the IT Engineering team currently undergoing a significant security transformation. The team sits at the intersection of IT and Security Engineering, and this engagement is happening during an active organizational restructuring where security responsibilities are being consolidated and matured.
Project Work streams Endpoint compliance for a certification. Zscaler ZTNA rollout via Jamf. Jamf environment remediation. Responsibilities- Audit the macOS fleet against CIS Benchmark (Level 1 &
2) and NIST 800-179 baselines; identify and remediate deviations at scale via Jamf configuration profiles and scripts - Develop and maintain hardening scripts (bash/zsh/Python) deployed via Jamf policies
- Enforce software update and patch compliance aligned to Cyber Essentials Plus and SOC 2 requirements
- Rebuild and organize the Jamf environment: smart/static groups, scoping logic, naming conventions, policy hygiene, extension attributes
- Deploy Zscaler Client Connector through Jamf and configure device trust signals to feed ZPA/ZIA conditional access decisions
- Integrate Jamf with the identity provider (Okta) and Google Workspace for conditional access enforcement
- Support certificate‑based authentication and MDM enrollment workflows
- Produce compliance documentation: runbooks, architecture decision records, and audit evidence artifacts
- Map Jamf configurations to compliance controls across CIS, NIST, Cyber Essentials Plus, and SOC 2
- 5 years of experience in the role of Endpoint Engineering or similar
- 2+ years of hands‑on Jamf Pro administration in an enterprise environment (500+ managed devices)
- Deep expertise in macOS security hardening—CIS Benchmarks, configuration profiles, kernel extensions, and SIP/PPPC/TCC management
- Proficiency in scripting for Jamf deployment: bash, zsh, and/or Python
- Demonstrated experience implementing or auditing against a recognized security framework (CIS, NIST, SOC 2, or equivalent)
- Ability to work autonomously, prioritize effectively, and deliver within a defined scope
- Strong verbal communication skills in English to work with an international team
- Strong written communication—documentation is treated as a first‑class deliverable here
- Practical experience using AI tools in day‑to‑day work (for scripting assistance, documentation, troubleshooting, or research)
- Jamf certifications
- Experience with enterprise‑scale Mac environments
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).